Analisis Vulnerabilitas Situs Web Universitas Pamulang Menggunakan Nessus

Authors

  • Asep Herman Nursalam Teknik Informatika, Program Pascasarjana, Universitas Pamulang, Kota Tangerang Selatan, Banten
  • R.P. Fiki Wisnu Subekti Teknik Informatika, Program Pascasarjana, Universitas Pamulang, Kota Tangerang Selatan, Banten
  • Astried Nirmala Safitri Teknik Informatika, Program Pascasarjana, Universitas Pamulang, Kota Tangerang Selatan, Banten
  • Yossy Veifbrian Fitri Prasmono Teknik Informatika, Program Pascasarjana, Universitas Pamulang, Kota Tangerang Selatan, Banten
  • Adila Indriyani Otafiyani Teknik Informatika, Program Pascasarjana, Universitas Pamulang, Kota Tangerang Selatan, Banten

Keywords:

Vulnerability Analysis, Vulnerability Assesment, Nessus, Website

Abstract

The Pamulang University (UNPAM) website is an official website that is used for various purposes. Therefore, website security needs to be maintained so that it is not exploited by irresponsible parties. Vulnerability analysis is one way to find out the vulnerabilities that exist in a system. This research aims to conduct vulnerability analysis on the UNPAM website using Nessus. The research results show that the UNPAM website has a high level of vulnerability. This is indicated by the existence of high and medium levels of vulnerability. These vulnerabilities can be exploited by irresponsible parties to attack the UNPAM website. To mitigate these vulnerabilities, UNPAM website managers can take preventative steps by upgrading to a cipher suite with a key length of 128 bits or more, verifying the authenticity of the SSL certificate, enabling DNSSEC and implementing a DNSSEC-enabled resolver, using a DNS firewall, and disabling TLS 1.0 and enabling TLS 1.2 or higher version.

References

[1] Mohamad Fathurahman, Zulhelman, and Abdul Aziz, “Vulnerability Assessment Dan Penetration Test Pada Website MA/MTs Husnul Khatimah Kuningan,” Pros. Semin. Nas. Terap. Ris. Inov., vol. 8, no. 3, pp. 138–145, Jan. 2023.

[2] Riyan Farismana and Dian Pramadhana, “Vulnerability Assessment Untuk Analisis Tingkat Keamanan Pada Sistem Informasi Repositori Karya Ilmiah Politeknik XYZ,” J. Tek. Inform. dan Teknol. Inf., vol. 3, no. 1, pp. 26–33, Apr. 2023, doi: 10.55606/jutiti.v3i1.2208.

[3] M. Hasibuan and A. M. Elhanafi, “Penetration Testing Sistem Jaringan Komputer Menggunakan Kali Linux untuk Mengetahui Kerentanan Keamanan Server dengan Metode Black Box: Studi Kasus Web Server Diva Karaoke.co.id,” Sudo J. Tek. Inform., vol. 1, no. 4, pp. 171–177, Dec. 2022, doi: 10.56211/sudo.v1i4.160.

[4] R. Armando, I. G. A. K. Melyantara, R. Elfariani, D. F. Latuconsina, and M. Nasrullah, “IT Support Website Security Evaluation Using Vulnerability Assessment Tools,” J. Inf. Syst. Informatics, vol. 4, no. 4, pp. 949–957, Nov. 2022, doi: 10.51519/journalisi.v4i4.330.

[5] M. Adha, Z. D. KWA, and A. H. Muhammad, “Website Security Test at The University of Mataram Using Vulnerability Assessment,” JIPI (Jurnal Ilm. Penelit. dan Pembelajaran Inform., vol. 8, no. 2, pp. 647–655, 2023, doi: 10.29100/jipi.v8i2.3830.

[6] M. Aziz, “Vulnerability Assesment Untuk Mencari Celah Keamanan Web Aplikasi E-Learning Pada Universitas XYZ,” J. Eng. Comput. Sci. Inf. Technol., vol. 2, no. 1, pp. 101–109, 2022, doi: 10.33365/jecsit.v1i1.13.

[7] E. Ruhiyat, “Analisis Faktor Yang Menjadi Penentu Mahasiswa Dalam Memilih Perguruan Tinggi,” INOVASI, vol. 3, no. 1, pp. 78–96, Apr. 2017, doi: 10.32493/Inovasi.v3i1.p%p.293.

[8] S. Farizy and E. S. Eriana, Keamanan Sistem Informasi, Tangerang Selatan: Unpam Press, 2022. Tangerang Selatan: Unpam Press, 2022.

[9] H. Kumar, Learning Nessus for Penetration Testing. Birmingham: Packt Publishing, 2014.

[10] S. Graph, “6 Types of Vulnerability Scanning,” Strike Graph, Inc., 2023. https://www.strikegraph.com/blog/6-types-of-vulnerability-scanning (accessed Dec. 04, 2023).

Downloads

Published

2024-07-31

Issue

Vol. 2 No. 1 (2024): Jurnal Ilmu Komputer (Edisi Juli 2024)

Section

Articles

License

Copyright (c) 2024 Asep Herman Nursalam, R.P. Fiki Wisnu Subekti, Astried Nirmala Safitri, Yossy Veifbrian Fitri Prasmono, Adila Indriyani Otafiyani

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.